Anchor Eiop tunnel problem 5.2

Similar Messages

• GUest WLAN with Anchor WLC - roaming problems

  Hello,
  my wireless network consists in 3 WLC 4402 which manage 40 APs.
  I have a fourth WLC which I installed on my DMZ for guest vlan anchoring and web autentication.
  Everiting works fine but I have a problem:
  If my client associates with an AP and then I authenticate I'm ready to make traffic. As soon as my client roams to an AP managed by a differnt WLC I need to authenticate again. If I roam back to the first AP i need to reauthenticate.
  In my guest WLAN I use WEB authentication provided by the internal web server of the Anchor WLC.
  Thnks everybody

  Here are the output of show mobility summary.
  The last WLC is the anchor.
  WLC1
  Symmetric Mobility Tunneling (current) .......... Disabled
  Symmetric Mobility Tunneling (after reboot) ..... Disabled
  Mobility Protocol Port........................... 16666
  Mobility Security Mode........................... Disabled
  Default Mobility Domain.......................... mob1
  Multicast Mode .................................. Disabled
  Mobility Domain ID for 802.11r................... 0x392f
  Mobility Keepalive Interval...................... 10
  Mobility Keepalive Count......................... 3
  Mobility Group Members Configured................ 2
  Mobility Control Message DSCP Value.............. 0
  Controllers configured in the Mobility Group
  MAC Address IP Address Group Name Multicast IP Sta
  tus
  00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
  00:23:04:7d:73:20 10.20.1.21 mob1 0.0.0.0 Up
  WLC2
  Symmetric Mobility Tunneling (current) .......... Disabled
  Symmetric Mobility Tunneling (after reboot) ..... Disabled
  Mobility Protocol Port........................... 16666
  Mobility Security Mode........................... Disabled
  Default Mobility Domain.......................... mob1
  Multicast Mode .................................. Disabled
  Mobility Domain ID for 802.11r................... 0x392f
  Mobility Keepalive Interval...................... 10
  Mobility Keepalive Count......................... 3
  Mobility Group Members Configured................ 2
  Mobility Control Message DSCP Value.............. 0
  Controllers configured in the Mobility Group
  MAC Address IP Address Group Name Multicast IP Sta
  tus
  00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
  00:23:04:7d:62:a0 10.20.1.22 mob1 0.0.0.0 Up
  WLC3
  Symmetric Mobility Tunneling (current) .......... Disabled
  Symmetric Mobility Tunneling (after reboot) ..... Disabled
  Mobility Protocol Port........................... 16666
  Mobility Security Mode........................... Disabled
  Default Mobility Domain.......................... mob1
  Multicast Mode .................................. Disabled
  Mobility Domain ID for 802.11r................... 0x392f
  Mobility Keepalive Interval...................... 10
  Mobility Keepalive Count......................... 3
  Mobility Group Members Configured................ 2
  Mobility Control Message DSCP Value.............. 0
  Controllers configured in the Mobility Group
  MAC Address IP Address Group Name Multicast IP Sta
  tus
  00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
  00:23:04:7d:79:80 10.20.2.21 mob1 0.0.0.0 Up
  WLCAnchor
  (Cisco Controller) >show mobility summary
  Symmetric Mobility Tunneling (current) .......... Disabled
  Symmetric Mobility Tunneling (after reboot) ..... Disabled
  Mobility Protocol Port........................... 16666
  Mobility Security Mode........................... Disabled
  Default Mobility Domain.......................... mob1
  Multicast Mode .................................. Disabled
  Mobility Domain ID for 802.11r................... 0x392f
  Mobility Keepalive Interval...................... 10
  Mobility Keepalive Count......................... 3
  Mobility Group Members Configured................ 4
  Mobility Control Message DSCP Value.............. 0
  Controllers configured in the Mobility Group
  MAC Address IP Address Group Name Multicast IP Sta
  tus
  00:23:04:7d:3e:e0 10.25.1.21 mob1 0.0.0.0 Up
  00:23:04:7d:62:a0 10.20.1.22 mob1 0.0.0.0 Up
  00:23:04:7d:73:20 10.20.1.21 mob1 0.0.0.0 Up
  00:23:04:7d:79:80 10.20.2.21 mob1 0.0.0.0 Up

• VPN tunnel Problem

  Hi all ,
  I need create VPN tunnels between two  ASAs devices . And these devices are connected through DSL . And as you know in this case we use private outside IP address , because there is  a NAT device at the outside . The problem is that no VPN tunnel is created even though all the parameters and the pre-shared-key are typical .

  I hve allready configured following configuration.
  no crypto map newmap interface outside
  no crypto map newmap 171 set peer 195.11.199.144
  no isakmp key ********* address 195.11.199.144 netmask 255.255.255.255 no-xauth no-config-mode
  crypto map newmap 171 set peer 195.11.204.5
  isakmp key ******** address 195.11.204.5 netmask 255.255.255.255 no-xauth no-config-mode
  clear crypto ipsec sa
  clear crypto isakmp sa
  crypto map newmap interface outside
  Setting were applied successfully however Still VPN tunnel is not been initiated.

• Tunneling Problem using HttpsUrlConnection

  Hi,
  I had gone through forums regarding this topic and still i am facing the same problem using the HttpsUrlConnection. We are working behind a proxy so we have to make a proxy authorization if we want to connect to a server in the internet.
  But in case of HttpUrlConnection, everything works
  fine. But if we do the same with a HttpsUrlConnection, the authentication fails. It throws an IOException
  with the message
  Unable to tunnel through 192.9.100.10:80.
  Proxy returns "HTTP/1.1 407 Proxy authentication required"
  Sample code as follows,
  The following code doesn't have any problem becos it works fine with HttpUrlConnection and also it is working without proxyserver for https as well.
  This is running under MSVM.
  I don't want to use SSLSocketFactory and i need to use following layout(i.e only with Httpsurlconnection)
  Is there any way to make work with proxyserver? Or can't we do this at all?
  System.setProperty("proxySet","true");
  System.setProperty("https.proxyHost","proxyIP");
  System.setProperty("https.proxyPort","80");
  OutputStream os = null;
  OutputStreamWriter osw = null;
  InputStream is = null;
  InputStreamReader isr = null;
  BufferedReader br = null;
  URL url;
  String line = null;
  System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  String login = proxyUserName+":"+proxyPassWord;
  String encodedLogin = new sun.misc.BASE64Encoder().encode(login.getBytes());
  url = new URL("https://www.verisign.com");
  HttpsURLConnection con = null;
  con =(HttpsURLConnection) url.openConnection();
  con.setRequestProperty("Proxy-Authorization", encodedLogin);
  con.setRequestMethod("GET");
  con.setDoOutput(true);
  con.setDoInput(true);
  con.setUseCaches(false);
  con.connect();
  os = con.getOutputStream();
  osw = new OutputStreamWriter(os);
  osw.write("SampleMsg");
  osw.flush();
  osw.close();
  is = con.getInputStream();
  isr = new InputStreamReader(is);
  br = new BufferedReader(isr);
  while ( (line = br.readLine()) != null)
       System.out.println("line: " + line);
  Can any one help me regarding this?I need a reply very urgently.
  Thanks,
  Prabhakaran R

  Hope this help.
  Note to change the properties to fit your system, and use the supported package ( JSSE, JRE1.5.......).
  You can use URLConnection for both HTTP or HTTPS protocol.
  import java.io.*;
  import java.net.*;
  import java.security.*;
  import java.util.*;
  import javax.net.ssl.*;
  public class testSSL9 {
  public testSSL9() {
  byte[] data = httpConnection();
  System.out.println(new String(data));
  public static void main(String[] args) {
  Properties sysprops = System.getProperties();
  Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());
  // sysprops.put("java.protocol.handler.pkgs",
  // "com.sun.net.ssl.internal.www.protocol");
  sysprops.put("java.protocol.handler.pkgs",
  "javax.net.ssl.internal.www.protocol");
  sysprops.put("javax.net.ssl.trustStore",
  "D:/jdk1.4/jre/lib/security/cacerts");
  sysprops.put("javax.net.debug", "ssl,handshake,data,trustmanager");
  sysprops.put("https.proxyHost", "172.16.0.1");
  sysprops.put("https.proxyPort", "3128");
  sysprops.put("https.proxySet", "true");
  sysprops.put("http.proxyHost", "172.16.0.1");
  sysprops.put("http.proxyPort", "3128");
  sysprops.put("proxySet", "true");
  testSSL9 testSSL91 = new testSSL9();
  private byte[] httpConnection() {
  try {
  URL url = null;
  // String strurl = "https://www.verisign.com";
  String strurl = "https://central.sun.net";
  // String strurl = "http://www.yahoo.com"; --> use: HttpURLConnection
  url = new URL(strurl);
  HttpsURLConnection connection = (HttpsURLConnection) url.openConnection();
  HttpsURLConnection.setFollowRedirects(false);
  connection.setDoOutput(true);
  connection.setDoInput(true);
  connection.setUseCaches(false);
  connection.connect();
  InputStream stream = null;
  BufferedInputStream in = null;
  ByteArrayOutputStream bytearr = null;
  BufferedOutputStream out = null;
  try {
  stream = connection.getInputStream();
  in = new BufferedInputStream(stream);
  bytearr = new ByteArrayOutputStream();
  out = new BufferedOutputStream(bytearr);
  catch (Exception ex1) {
  System.out.println(ex1);
  System.out.println("Server reject connection...sory");
  int i = 0;
  while ( (i = in.read()) != -1) {
  out.write(i);
  out.flush();
  stream.close();
  in.close();
  bytearr.close();
  out.close();
  return bytearr.toByteArray();
  catch (Exception ex) {
  ex.printStackTrace();
  return null;
  }

• Oracle 9i Web Services Quickstart Install TCP tunneling problem

  When I try to run the OTNGUIDGenerator example using the TCP Tunneling portion of the Oracle 9i Web Services Quickstart
  Install I get this in the From localhost8900 tunnel window:
  <?xml version='1.0' encoding='UTF-8'?>
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <SOAP-ENV:Body>
  <ns1:getGUID xmlns:ns1="oracle.otn.ws.emarket.OTNGUIDGenerator" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
  </ns1:getGUID>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  I get this in the From 127.0.0.1:8888 window:
  HTTP/1.1 404 Not Found
  Date: Mon, 28 Oct 2002 20:38:06 GMT
  Server: Oracle9iAS (9.0.2.0.0) Containers for J2EE
  Content-Length: 171
  Connection: Close
  Content-Type: text/html
  <HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>404 Not Found</H1>Resource /j2ee-web/oracle.otn.ws.emarket.OTNGUIDGenerator not found on this server</BODY></HTML>
  This is my webservices stub
  public class OTNGUIDGeneratorStub
  /** public String endpoint = "http://otn.oracle.com/ws/oracle.otn.ws.emarket.OTNGUIDGenerator"; */
  public String endpoint = "http://127.0.0.1:8900/j2ee-web/oracle.otn.ws.emarket.OTNGUIDGenerator";
  private OracleSOAPHTTPConnection m_httpConnection = null;
  public OTNGUIDGeneratorStub()
  System.setProperty("oracle.soap.transport.noHTTPClient", "true");
  m_httpConnection = new OracleSOAPHTTPConnection();
  Properties props = new Properties();
  /** props.put(OracleSOAPHTTPConnection.PROXY_AUTH_TYPE, "basic");
  props.put(OracleSOAPHTTPConnection.PROXY_HOST, "proxy.scott.af.mil");
  props.put(OracleSOAPHTTPConnection.PROXY_PORT, "375");
  props.put(OracleSOAPHTTPConnection.PROXY_USERNAME, "fowlerji");
  props.put(OracleSOAPHTTPConnection.PROXY_PASSWORD, "F1234567*g"); */
  m_httpConnection.setProperties(props);
  Not sure what to call the server - this works okay when I'm not using tunneling and using our proxy server??

  I think your problem is that you have a proxy user/password and the TCP Monitor (both the command line and built-in 9.0.3 version) do not support that - they only support specification of the proxy server itself :-(
  It is a feature request that I hope will make it into the late spring/early summer release of JDeveloper - I wrote it up as a request based on the number of folks who faced this issue with these tutorials.
  Mike.

• Reverse SSH Tunnel problem?

  I'm trying to do a reverse SSH tunnel for a VNC project. I'm successful when I do it on a Linux box or Cygwin under Windows, but I'm having problems under Mac OS.
  Here's what I do:
  Terminal 1:
  ssh -nNTvvv -R 5500:localhost:5500 -l my_username myhost.com
  Then, to see what's going on, I run in terminal 2:
  nc -l -p 5500
  Then, in a third terminal, I ssh over to myhost.com, and telnet to localhost 5500.
  If I initiate this whole setup on other platforms, I can then type stuff in my in the third terminal and see it echoed happily in terminal 2.
  Under Mac OS, everything goes fine until I do the telnet on myhost.com. The diagnostic in terminal 1 is:
  debug1: channel 0: new [::1]
  debug1: confirm forwardeded-tcpip
  debug3: channel 0: waiting for connection
  debug1: channel 0: not connected: Connection refused
  It's not a firewall issue, as I can telnet directly to port 5500 on the Mac from myhost.com without any problem.
  Google gives me no help here. Any ideas?
  Thanks!
  12" G4 Powerbook   Mac OS X (10.4.8)  

  Figured it out - did a no ip ssh v 2 and hey presto started working

• Tunnel Problem

  I'm trying to simulate a tunnel through a service provider:
  I have 3 Routers, which are connected with static routes and are all pinging each other other through serial and fastethernet interfaces.
  Router 1 and Router 3 are acting as tunnel endpoints. Router 2 is service provider.
  Configurations:
  Router 1 Loopbacks:
  192.168.2.0
  192.168.3.0
  192.168.4.0
  Router 3 Loopbacks:
  192,168.13.0
  192.168.14.0
  Router 1 and 2: 192.168.8.1 255.255.255.252
  Rouer 2 and 3: 192.168.9.1 255.255.255.252
  Tunnel is: 10.40.40.1 on R1
                 10.40.40.2 on R3
  Router 1:
  Interface Tunnel 0
  Tunnel Source: 192.168.8.1
  Tunnel Destination: 192.168,9.2
  ip route 192.168.9.2 255.255.255.255 192.168.8.2
  router eigrp 1
  network 192.168.2.0
  network 192.168.3.0
  network 192.168.4.0
  Router 3:
  Interface Tunnel 0
  Tunnel Source: 192.168.9.2
  Tunnel Destination: 192.168.8.1
  ip route 192.168.8.1 255.255.255.255 192.168.9.1
  router eigrp 1
  network 192.168.13.0
  network 192.168.14.0
  After these configurations I see on both routers 1 and 3 the Tunnels are in up/up and I can ping 10.40.40.1 to 10.40.40.2, but no eigrp router are coming up, what is the problem ??? Is the source and destination ip addresses correct, are my ip route statics correct ?? Please help.
  Thanks,
  Sergei.
  After this configuration I see my Tunnel on both Roter

  Sergei,
  Add the tunnel network into your Router EIGRP 1 statements in router 1 & 3. I believe that should do the trick.
  router eigrp 1
  network 10.40.40.0

• VTI tunnel problem

  Hi all,
  We have VTI tunnels between Cisco (3825 and 878) and Juniper (SRX3600).
  Sometimes tunnel is going down and I should manualy shutdown and no shutdown tunnel interface to bring it up.
  This is logs from Cisco:
  %%crypto-4-recvd_pkt_inv_spi: decaps: rec'd ipsec packet has invalid spi for destaddr=X.Y.100.200, prot=50, spi=0xc5d07a33(3318774323), srcaddr=X.Y.100.100
  %%crypto-4-ikmp_no_sa: ike message from X.Y.100.100 has no sa and is not an initialization offer
  X.Y.100.100 is Juniper SRX3600
  X.Y.100.200 is Cisco 3825
  But I see this logs more often, than tunnel is going down!
  So what is problem?
  Thanks

  Hello,
  this should help #crypto           isakmp invalid-spi-recovery
  http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a0080bf6100.shtml
  Best Regards
  Please rate all helpful posts and close solved questions

• MPLS TE tunnel problem

  Hi,
  i created MPLS TE tunnel between three Cisco 2811 series routers and configured that MPLS TE tunnel will reserve 1Mbps of bandwidth.Then I started to send constant 3 Mbps data flow trough the MPLS TE tunnel (everything looks ok: tunnel is up, bandwidth is reserved, all the data flow entering the tunnel). The problem is that data flow leaving the tunnel at 3Mbps rate. Why tunnel don’t limit data rate?????

  The tunnel doesn't do rate-limiting. Bandwidth at the tunnel level is only a control plane feature.
  You need to configure admission control on the tunnel headend with CAR or some other form of rate limiting if you want to enforce the tunnel reserved bandwidth.
  Hope this helps,

• Tunneling Problem.

  Hello All,
  This is Jay Kishan. I work in Pakistan Petroleum Limited as a Network Associate. There is a little problem that i am facing recently. We have a Head Office in Karachi and a Remote Location is Islamabad. We are connecting them with a Primary DXX Link with an active VSAT Backup Link. As soon as the DXX Link goes down the VSAT Link comes up automatically. But the DXX Provider has introduced a few more non-cisco devices in the middle and now we have to create a tunnel from our ISB 2610 Router to KHI 3661 Router. The reason for creating the tunnel is that we dont want the DXX provider to know our network. But the problem that we have at our hand is that the tunnel never goes down as the interfaces on both the routers are connected to devices that wont go down. But there can be a problem in some other middle device because of which the link may not work. So the situation is that even the DXX Link isnt working the tunnel is still up and the VSAT Backup link doesnt come up. So how can i make sure that if the DXX Link stops working the tunnel could sense it and the VSAT Backup link comes up automatically. I will be very much thankful for any sort of help. Thanks in advance.
  Regards,
  Jay Kishan
  PPL

  Jay
  The GRE keepalive is a very nice feature and it does sound like it would solve your problem. It was introduced somewhat recently (I just looked at the notes and it indicates that it was introduced on some platforms in 12.2(8)T and a bit later on other platforms). What platform are you running this on and what version of code?
  The configuration is pretty straightforward:
  interface tunnel n
  keepalive
  and it has optional parameters on the keepalive to specify how many seconds and how many retries.
  If you router does not have keepalive as a command under the tunnel interface, then that is a good indication that the version of code that you are running does not have this feature. Would it be worth upgrading code to get this feature?
  HTH
  Rick

• SSL-Tunneling Problem with Stronghold

  Hello,
  I installed HTTP-Tunneling between a Java-Client and a WLS 4.5.1SP 13
  throuch a Stronghold-Server using mod_wl_ssl.so.
  But when I'm trying to connect via HTTPS (port 443) to the Stronghold, the
  plugin is no longer working correctly. I get the following output in the log
  of the plug-in:
  --------------Begin--------------
  ========New Request: [GET
  /HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=634395
  5830116743121 HTTP/1.0] =========
  Thu Jan 4 18:46:57 2001 Cookie String missing in the Cookie
  Thu Jan 4 18:46:57 2001 queryStr =
  wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=6343955830116743121
  Thu Jan 4 18:46:57 2001 The request string is
  '/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
  55830116743121'
  Thu Jan 4 18:46:57 2001 After trimming path:
  '/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
  55830116743121'
  Thu Jan 4 18:46:57 2001 Now trying whatever is on the list;
  ci->canUseSrvrList = 1
  Thu Jan 4 18:46:57 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
  Thu Jan 4 18:46:57 2001 general list: trying connect to 'agni'/7002
  Thu Jan 4 18:46:57 2001 Connected to agni:7002
  Thu Jan 4 18:46:57 2001 Headers from the client [Accept]=[text/html,
  image/gif, image/jpeg, *; q=.2, */*; q=.2]
  Thu Jan 4 18:46:57 2001 Headers from the client [Host]=[sbcipx:443]
  Thu Jan 4 18:46:57 2001 Headers from the client [User-Agent]=[Java1.2.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [Accept]=[text/html,
  image/gif, image/jpeg, *; q=.2, */*; q=.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [Host]=[sbcipx:443]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [User-Agent]=[Java1.2.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [X-WebLogic-Force-Cookie]=[true]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [WL-Proxy-SSL]=[true]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [Proxy-Client-IP]=[192.168.17.116]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [X-Forwarded-For]=[192.168.17.116]
  Thu Jan 4 18:47:12 2001 sysRecv failed, return val = [0] errno=0
  errmsg=[Error 0]
  Thu Jan 4 18:47:12 2001 Error reading WebLogic Response from agni:7002
  Return Value = -1
  Thu Jan 4 18:47:12 2001 Marking agni:7002 as bad
  Thu Jan 4 18:47:12 2001 Got FAILOVER response from sendRequest... will
  retry
  Thu Jan 4 18:47:12 2001 Attempting a connect with the forceCookie bit
  turned ON : [1]
  Thu Jan 4 18:47:12 2001 Now trying whatever is on the list;
  ci->canUseSrvrList = 1
  Thu Jan 4 18:47:12 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
  Thu Jan 4 18:47:12 2001 Request timed out after 10 seconds
  Thu Jan 4 18:47:12 2001 Redirecting the error response to the errorPage =
  [http://www.finance.ch]
  Thu Jan 4 18:47:12 2001 r->status=302 returning 0
  Thu Jan 4 18:47:14 2001
  ---------------End
  Any Ideas, what I didn't configured correctly for the stronghold/plug-in/WLS
  Thank you
  Remo

  "Remo Schnidrig" <[email protected]> wrote:
  Hello,
  I installed HTTP-Tunneling between a Java-Client and a WLS 4.5.1SP 13
  throuch a Stronghold-Server using mod_wl_ssl.so.
  But when I'm trying to connect via HTTPS (port 443) to the Stronghold, the
  plugin is no longer working correctly. I get the following output in the log
  of the plug-in:
  --------------Begin--------------
  ========New Request: [GET
  /HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=634395
  5830116743121 HTTP/1.0] =========
  Thu Jan 4 18:46:57 2001 Cookie String missing in the Cookie
  Thu Jan 4 18:46:57 2001 queryStr =
  wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=6343955830116743121
  Thu Jan 4 18:46:57 2001 The request string is
  '/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
  55830116743121'
  Thu Jan 4 18:46:57 2001 After trimming path:
  '/HTTPClntLogin/a.tun?wl-login=https+dummy+WLREQS+4.5.1+dummy+%0A&rand=63439
  55830116743121'
  Thu Jan 4 18:46:57 2001 Now trying whatever is on the list;
  ci->canUseSrvrList = 1
  Thu Jan 4 18:46:57 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
  Thu Jan 4 18:46:57 2001 general list: trying connect to 'agni'/7002
  Thu Jan 4 18:46:57 2001 Connected to agni:7002
  Thu Jan 4 18:46:57 2001 Headers from the client [Accept]=[text/html,
  image/gif, image/jpeg, *; q=.2, */*; q=.2]
  Thu Jan 4 18:46:57 2001 Headers from the client [Host]=[sbcipx:443]
  Thu Jan 4 18:46:57 2001 Headers from the client [User-Agent]=[Java1.2.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [Accept]=[text/html,
  image/gif, image/jpeg, *; q=.2, */*; q=.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [Host]=[sbcipx:443]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [User-Agent]=[Java1.2.2]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [X-WebLogic-Force-Cookie]=[true]
  Thu Jan 4 18:46:57 2001 Sending header to WLS [WL-Proxy-SSL]=[true]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [Proxy-Client-IP]=[192.168.17.116]
  Thu Jan 4 18:46:57 2001 Sending header to WLS
  [X-Forwarded-For]=[192.168.17.116]
  Thu Jan 4 18:47:12 2001 sysRecv failed, return val = [0] errno=0
  errmsg=[Error 0]
  Thu Jan 4 18:47:12 2001 Error reading WebLogic Response from agni:7002
  Return Value = -1
  Thu Jan 4 18:47:12 2001 Marking agni:7002 as bad
  Thu Jan 4 18:47:12 2001 Got FAILOVER response from sendRequest... will
  retry
  Thu Jan 4 18:47:12 2001 Attempting a connect with the forceCookie bit
  turned ON : [1]
  Thu Jan 4 18:47:12 2001 Now trying whatever is on the list;
  ci->canUseSrvrList = 1
  Thu Jan 4 18:47:12 2001 AttemptConnect(): Srvr# [1] = [agni:7002]
  Thu Jan 4 18:47:12 2001 Request timed out after 10 seconds
  Thu Jan 4 18:47:12 2001 Redirecting the error response to the errorPage =
  [http://www.finance.ch]
  Thu Jan 4 18:47:12 2001 r->status=302 returning 0
  Thu Jan 4 18:47:14 2001
  ---------------End
  Any Ideas, what I didn't configured correctly for the stronghold/plug-in/WLS
  Thank you
  Remo
  As far as I know, HTTPS-Tunneling through NES, APACHE, and IIS
  is not supported. You can setup HttpClusterServlet to do HTTPS-
  Tunneling.
  Jong

• Convert anchor point tool problem

  I'm new to illustrator.. when I want to move tangents independently it only works with the first one I grab, the other one disappears, and reappears while I hold the first one.. bug?

  1) Both handles reappear and I can move them as I should be able to with the convert tool
  2) that also works fine with the direct select tool,I don't even have to convert so that kinda solves my problem
  3) when point is converted I can drag handles with the direct select tool
  Thx!

• REP-3104: Anchors  and matrices problem in Report

  I have a master detail report. The detail repeating frame has a set of boiler plates that are diiferent from the master e.g
  master lease master address master location master first name master lastname
  Then master repeating frame
  The detail boiler plates within a frame
  Detail lease detail unit detail property detail occupancy. There is a break on detail lease and detai unit
  Then detail repeating frame
  My question is if there is no corresponding detail for a master then the detail boiler plates should not appear and then next master should occupy the space the detail occupies. I got the first part but when I put accord and try to collapse vertically and getting the error above.
  REP-3104: Anchors and matrices cannot be scaled differently from their association objects

  Hello,
  The parameter -install is no more supported when starting the Reports Server :
  http://download-uk.oracle.com/docs/cd/B14099_17/bi.1012/b14048/pbr_strt.htm
  You can use the following command lines :
  rwserver server=rep_training
  or
  rwserver server=rep_training batch=yes
  Regards

• Guest Tunneling Problems

  Hi
  I was wondering if anybody could help me out here. I have been following the guidelines as per the WLC softweare configuration guide with regards to configuring the internal controller which is pretty straightforward. The mobility anchor is up with the DMZ controller however I am not sure what configuration is required on the DMZ controller itself with regards to DHCP and the Guest WLAN itself. To be honest the documentation is a bit skimpy to say the least.
  Any help would be greatly appreciated
  Cheers,
  Martin

  Martin,
  I share your frustrations with the documentation on the guest access. From what you stated you're having trouble with how guest access mobility is configured with respect to DHCP. Hope this helps.
  The first part is well documented. Setup a mobility group between the remote and DMZ controller. Make sure it's up. Now we'll move onto DHCP configuration.
  1) On the DMZ controller, configure a DHCP pool for the guest clients. Make sure you build a WLAN and bind it to the proper interface
  2) On the remote controller, under your "management" interface set the DHCP server to be the ip address of the management interface on the DMZ controller. Very important!
  3) Build the guest WLAN on the remote controller with the same configuration and bind it's interface to the management interface of the remote controller.
  Voila... all DHCP requests will now be forwarded to the DMZ anchor.
  Anything else I can help with let me know.
  -Mike
  http://cs-mars.blogspot.com

• ASA ssh,telnet.jar smart tunnels problems

  Hi
  From my asa I'm trying to gain access to some servers Linux (no local firewalls on them) from the clientless session using the ssh,telnet jar plugin.
  The plugin starts and shows the login prompt and then I enter the correct user name and passwords and then I'm left with a black square.
  Any suggestions for debugging?
  ASA runnig 9.1, the problem is to both Linux boxes and a IOS router.

  On testing the above even further, I seem to have an issue...
  With the following configuration loaded...
  aaa-server TLS-ACS5 protocol tacacs+
  aaa-server TLS-ACS5 (inside) host 10.0.20.200
  key passme123
  aaa authentication ssh console TLS-ACS5 LOCAL
  aaa authentication telnet console TLS-ACS5 LOCAL
  aaa authentication ssh console TLS-ACS5 LOCAL
  aaa authentication telnet console TLS-ACS5 LOCAL
  aaa authentication enable console TLS-ACS5 LOCAL
  With the PIX in communication with the ACS the above works well, with me successfully logging in with credentials added to the ACS.
  On testing this further I have taken the link down between the PIX and the ACS (to recreate a failure scenario).  I can still login using the internal (LOCAL) username & password.  This seems to work fine, however if I try to access the exec-privilege mode (i.e. enable) the PIX does not except the enable password added to the configuration moreover it prefers the same password used for creating the initial user.
  username admin-user password adminpass123 encrypted
  enable password enablepass123 encrypted
  For example; with the above lines in the running configuration of the PIX , I can login into PIX using admin-user and enter the password adminpass123. However, if I try and then go onto access exec-privilege mode (i.e. enable) the PIX does not except the password "enablepass123" put does except "adminpass123"... this is even with "aaa authentication enable console TLS-ACS5 LOCAL" added to the running configuration.
  Has anyone else seen this issue on a PIX/FW. Am I missing something from my configuration? Does anyone know of a workaround to this issue or is it just something I have to live with?